Call Our API Endpoints

When calling any API resource, you need to place the previously obtained OAuth 2.0 authorization token in the Authorization HTTP header:

Authorization: Bearer ${ACCESS_TOKEN}

For accessing PSD2 related services (AISP, PISP), you also need to have a proper client certificate (mutual TLS) issued for a PSD2 licensed subject for every server API call.

Supported Standards

API services we publish currently support the Czech Open Banking Standard (COBS) in the latest version 2.0. The COBS standard provides services for:

  • List of payment accounts and balances.
  • Transactions on a payment account.
  • Initiation and confirmation of payment.
  • Balance check on a payment account.

We also keep the list of all supported standards and versions, where you can also find a bit more information about the standards.

Quick Example

❗️

Mutual TLS Required

Do not forget that to call this resource, you must use mutual TLS with your eIDAS certificate with mandates for PSD2. Just using the OAuth 2.0 access token is not sufficient.

To call an API for the list of accounts, you can use the following resource:

GET /cobs/2.0/my/accounts

{
  "pageNumber": 0,
  "pageCount": 1,
  "pageSize": 1,
  "totalCount": 1,
  "accounts": [
    {
      "id": "C8282D2EB4B1265AF5087364C0",
      "identification": {
        "iban": "CZ5707100000000040242901",
        "other": "0-40242901/0710"
      },
      "currency": "CZK",
      "servicer": {
        "bankCode": "0710",
        "countryCode": "CZ",
        "bic": "CNBACZPP"
      },
      "nameI18N": "NOVAK JAN",
      "productI18N": "Bankokonto"
    }
  ]
}

API Reference

You can read more about our API calls in the reference manual. You can also download the Open API definition files to generate your client code automatically.


What’s Next

Read our API Reference to see what data is available.